Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / beb529d6f4998e6170292a5b59255c731bdd2d5b^! / .
commitbeb529d6f4998e6170292a5b59255c731bdd2d5b[log] [tgz]
authorSona Mathew <sonarebecca.mathew@arm.com>Thu May 23 15:59:50 2024 -0500
committerSona Mathew <sonarebecca.mathew@arm.com>Tue Dec 17 10:28:09 2024 -0600
tree4b55b1fc5d29c0120f7ff98b3799372743ce04c4
parenta6bbb27a52a5fa4078c34a20ae910640856eda4a [diff]
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C

Implements mitigation for CVE-2024-5660 that affects Cortex-A78C
revisions r0p0, r0p1, r0p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.

Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660

Change-Id: Ieb8d7b122320d16bf8987a43dc683ca41227beb5
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S
index 260cc73..3f6944a 100644
--- a/lib/cpus/aarch64/cortex_a78c.S
+++ b/lib/cpus/aarch64/cortex_a78c.S

@@ -21,6 +21,13 @@
 	wa_cve_2022_23960_bhb_vector_table CORTEX_A78C_BHB_LOOP_COUNT, cortex_a78c
 #endif /* WORKAROUND_CVE_2022_23960 */
 
+/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */
+workaround_reset_start cortex_a78c, CVE(2024, 5660), WORKAROUND_CVE_2024_5660
+	sysreg_bit_set CORTEX_A78C_CPUECTLR_EL1, BIT(46)
+workaround_reset_end cortex_a78c, CVE(2024, 5660)
+
+check_erratum_ls cortex_a78c, CVE(2024, 5660), CPU_REV(0, 2)
+
 workaround_reset_start cortex_a78c, ERRATUM(1827430), ERRATA_A78C_1827430
 	/* Disable allocation of splintered pages in the L2 TLB */
 	sysreg_bit_set CORTEX_A78C_CPUECTLR_EL1, CORTEX_A78C_CPUECTLR_EL1_MM_ASP_EN